Overview
About vulnerability
In the Linux kernel, the following vulnerability has been resolved:
mm: multi-gen LRU: fix crash during cgroup migration
lru_gen_migrate_mm() assumes lru_gen_add_mm() runs prior to itself. This isn’t true for the following scenario:
CPU 1 CPU 2
clone() cgroup_can_fork() cgroup_procs_write() cgroup_post_fork() task_lock() lru_gen_migrate_mm() task_unlock() task_lock() lru_gen_add_mm() task_unlock()
And when the above happens, kernel crashes because of linked list corruption (mm_struct->lru_gen.list).
Details
- Affected product:
- AlmaLinux 9.2 ESU , TuxCare 9.6 ESU
- Affected packages:
- kernel @ 5.14.0 (+1 more)
In the Linux kernel, the following vulnerability has been resolved:
mm: multi-gen LRU: fix crash during cgroup migration
lru_gen_migrate_mm() assumes lru_gen_add_mm() runs prior to itself. This isn’t true for the following scenario:
CPU 1 CPU 2
clone() cgroup_can_fork() cgroup_procs_write() cgroup_post_fork() task_lock() lru_gen_migrate_mm() task_unlock() task_lock() lru_gen_add_mm() task_unlock()
And when the above happens, kernel crashes because of linked list corruption (mm_struct->lru_gen.list).